X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=dimensions%2Fincludes%2Fdimensions_db.inc;h=8a4f7a541b2c4b8f972bcd94d5f220f5714345a9;hb=4a2b99e23da068a31623fc054dee234a63f50e6a;hp=2dfe683846e4738ff20bca0c604d5d7c51a18169;hpb=d567a10b7925c8bb97c734e213d6651a979af29d;p=fa-stable.git

diff --git a/dimensions/includes/dimensions_db.inc b/dimensions/includes/dimensions_db.inc
index 2dfe6838..8a4f7a54 100644
--- a/dimensions/includes/dimensions_db.inc
+++ b/dimensions/includes/dimensions_db.inc
@@ -11,20 +11,22 @@
 ***********************************************************************/
 function add_dimension($reference, $name, $type_, $date_, $due_date, $memo_)
 {
+	global $Refs;
+
 	begin_transaction();
 
 	$date = date2sql($date_);
 	$duedate = date2sql($due_date);
 
 	$sql = "INSERT INTO ".TB_PREF."dimensions (reference, name, type_, date_, due_date)
-		VALUES (".db_escape($reference).", ".db_escape($name).", $type_, '$date', '$duedate')";
+		VALUES (".db_escape($reference).", ".db_escape($name).", ".db_escape($type_)
+		.", '$date', '$duedate')";
 	db_query($sql, "could not add dimension");
-
 	$id = db_insert_id();
 
-	add_comments(systypes::dimension(), $id, $date_, $memo_);
+	add_comments(ST_DIMENSION, $id, $date_, $memo_);
 
-	references::save_last($reference, systypes::dimension());
+	$Refs->save(ST_DIMENSION, $id, $reference);
 
 	commit_transaction();
 
@@ -39,14 +41,14 @@ function update_dimension($id, $name, $type_, $date_, $due_date, $memo_)
 	$duedate = date2sql($due_date);
 
 	$sql = "UPDATE ".TB_PREF."dimensions SET name=".db_escape($name).",
-		type_ = $type_,
+		type_ = ".db_escape($type_).",
 		date_='$date',
 		due_date='$duedate'
-		WHERE id = $id";
+		WHERE id = ".db_escape($id);
 
 	db_query($sql, "could not update dimension");
 
-	update_comments(systypes::dimension(), $id, null, $memo_);
+	update_comments(ST_DIMENSION, $id, null, $memo_);
 
 	commit_transaction();
 
@@ -58,10 +60,10 @@ function delete_dimension($id)
 	begin_transaction();
 
 	// delete the actual dimension
-	$sql="DELETE FROM ".TB_PREF."dimensions WHERE id=$id";
+	$sql="DELETE FROM ".TB_PREF."dimensions WHERE id=".db_escape($id);
 	db_query($sql,"The dimension could not be deleted");
 
-	delete_comments(systypes::dimension(), $id);
+	delete_comments(ST_DIMENSION, $id);
 
 	commit_transaction();
 }
@@ -70,7 +72,7 @@ function delete_dimension($id)
 
 function get_dimension($id, $allow_null=false)
 {
-    $sql = "SELECT * FROM ".TB_PREF."dimensions	WHERE id=$id";
+    $sql = "SELECT * FROM ".TB_PREF."dimensions	WHERE id=".db_escape($id);
 
 	$result = db_query($sql, "The dimension could not be retrieved");
 
@@ -120,7 +122,7 @@ function dimension_has_deposits($id)
 
 function dimension_has_payments($id)
 {
-	$sql = "SELECT SUM(amount) FROM ".TB_PREF."gl_trans WHERE dimension_id = $id";
+	$sql = "SELECT SUM(amount) FROM ".TB_PREF."gl_trans WHERE dimension_id = ".db_escape($id);
 	$res = db_query($sql, "Transactions could not be calculated");
 	$row = db_fetch_row($res);
 	return ($row[0] != 0.0);
@@ -136,10 +138,16 @@ function dimension_is_closed($id)
 
 function close_dimension($id)
 {
-	$sql = "UPDATE ".TB_PREF."dimensions SET closed='1' WHERE id = $id";
+	$sql = "UPDATE ".TB_PREF."dimensions SET closed='1' WHERE id = ".db_escape($id);
 	db_query($sql, "could not close dimension");
 }
 
 //--------------------------------------------------------------------------------------
 
+function reopen_dimension($id)
+{
+	$sql = "UPDATE ".TB_PREF."dimensions SET closed='0' WHERE id = $id";
+	db_query($sql, "could not reopen dimension");
+}
+
 ?>
\ No newline at end of file